diff --git a/mysql-test/r/select.result b/mysql-test/r/select.result
index 598ea2b10d1..e2c4609d902 100644
--- a/mysql-test/r/select.result
+++ b/mysql-test/r/select.result
@@ -3337,3 +3337,11 @@ id select_type table type possible_keys key key_len ref rows Extra
 1 SIMPLE t2 const PRIMARY PRIMARY 4 const 1 Using index
 1 SIMPLE t3 const PRIMARY PRIMARY 8 const,const 1
 DROP TABLE t1,t2,t3;
+create table t1(f1 char, f2 char not null);
+insert into t1 values(null,'a');
+create table t2 (f2 char not null);
+insert into t2 values('b');
+select * from t1 left join t2 on f1=t2.f2 where t1.f2='a';
+f1 f2 f2
+NULL a NULL
+drop table t1,t2;
diff --git a/mysql-test/t/select.test b/mysql-test/t/select.test
index a73d08f5f18..a85b82a7767 100644
--- a/mysql-test/t/select.test
+++ b/mysql-test/t/select.test
@@ -2805,3 +2805,13 @@ EXPLAIN SELECT t2.key_a,foo WHERE t2.key_a=2 and key_b=5; DROP TABLE t1,t2,t3;
+
+#
+# Bug#15268 Unchecked null value caused server crash
+#
+create table t1(f1 char, f2 char not null);
+insert into t1 values(null,'a');
+create table t2 (f2 char not null);
+insert into t2 values('b');
+select * from t1 left join t2 on f1=t2.f2 where t1.f2='a';
+drop table t1,t2;
diff --git a/sql/item_cmpfunc.h b/sql/item_cmpfunc.h
index bfd32223d4c..b4064fb45b8 100644
--- a/sql/item_cmpfunc.h
+++ b/sql/item_cmpfunc.h
@@ -723,9 +723,9 @@ public:
 {
 char buff[STRING_BUFFER_USUAL_SIZE];
 String tmp(buff, sizeof(buff), cmp_charset), *res;
- if (!(res= arg->val_str(&tmp)))
- return 1; /* Can't be right */
- return sortcmp(value_res, res, cmp_charset);
+ res= arg->val_str(&tmp);
+ return (value_res ? (res ? sortcmp(value_res, res, cmp_charset) : 1) :
+ (res ? -1 : 0));
 }
 int compare(cmp_item *c)
 {
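Review bot: The NULL ordering that the new nested conditional in sql/item_cmpfunc.h encodes is undocumented, and the old `/* Can't be right */` remark went away with the removed lines. A one-line comment above the return would record it, e.g. `/* Either side may be NULL: two NULLs compare equal (0), a lone NULL sorts before any string */`. Returning 0 when both `value_res` and `res` are NULL makes NULL match NULL for any caller that treats 0 as equality; those callers are outside this hunk, so it is worth confirming that this is intended. `compare(cmp_item *c)` begins on the last lines of the hunk and its body is not shown; if it also hands `value_res` to `sortcmp()` unchecked, it presumably needs the same guard, since a NULL there would be another query-triggered server crash. The signature of the patched function is above the hunk.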